Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/MuBrmMTenwjyj095pUc6eKtqeFY.roa
File: MuBrmMTenwjyj095pUc6eKtqeFY.roa (raw, json)
Hash identifier: w/K6+TCXCRtxhKzJTtHmhLSRK2Nk4ojfLEvL6st+jrg=
Subject key identifier: 32:E0:6B:98:C4:DE:9F:08:F2:8F:4F:79:A5:47:3A:78:AB:6A:78:56
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 018D548B4B77F1C4B3C25E4C9C3E35B74DD5
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/MuBrmMTenwjyj095pUc6eKtqeFY.roa
Signing time: Mon 29 Jan 2024 09:27:11 +0000
ROA not before: Mon 29 Jan 2024 09:27:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200019
IP address blocks: 45.93.9.0/24 maxlen: 24
45.148.244.0/24 maxlen: 24
78.40.116.0/24 maxlen: 24
93.185.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Feb 2024 13:54:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:54:8b:4b:77:f1:c4:b3:c2:5e:4c:9c:3e:35:b7:4d:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jan 29 09:27:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32e06b98c4de9f08f28f4f79a5473a78ab6a7856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:bd:56:65:8b:e9:0d:b0:2d:03:29:e7:f3:90:
40:f3:80:d9:5f:a4:20:7d:59:60:46:be:7d:eb:c1:
66:a7:af:6c:dc:cf:5a:ab:c0:15:32:2c:28:e9:67:
8d:7c:12:b3:50:43:65:e5:0b:a0:45:9e:f9:89:0f:
3d:ed:02:84:19:44:0a:94:7a:b2:7c:df:4b:53:f7:
12:2a:e9:8f:88:64:8c:48:b9:e8:ba:42:9d:64:d9:
af:51:c8:44:f6:4a:ce:97:51:c6:0c:39:f1:7f:ef:
45:1b:45:62:21:35:da:ad:39:bf:51:e7:24:47:f0:
3a:d6:e6:43:c0:aa:a7:74:65:3c:37:f0:2f:86:27:
33:95:62:6d:34:c3:79:c3:26:53:bb:96:ac:df:a2:
7a:16:cd:71:d5:11:ef:54:b0:8a:34:29:3c:06:0d:
e3:bb:b1:97:13:f9:b7:81:7e:0e:d1:2a:f6:69:09:
1b:0d:4a:70:79:af:40:15:12:9f:e7:6c:a4:32:c3:
d5:ee:86:38:1a:9f:37:67:80:73:9f:bf:0b:68:86:
17:b7:0e:7e:1d:c6:4b:57:cf:25:f3:4e:8d:8a:d1:
9b:0c:2b:13:73:b5:8b:34:53:73:a7:f1:de:2b:22:
7e:51:16:eb:a7:1c:94:c4:97:77:89:8c:34:e6:5f:
0a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:E0:6B:98:C4:DE:9F:08:F2:8F:4F:79:A5:47:3A:78:AB:6A:78:56
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/MuBrmMTenwjyj095pUc6eKtqeFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.9.0/24
45.148.244.0/24
78.40.116.0/24
93.185.167.0/24
Signature Algorithm: sha256WithRSAEncryption
43:8f:4d:50:d9:cb:2a:09:bc:0c:c1:f1:0e:ed:a0:9b:1a:48:
01:86:26:a3:b4:1f:85:a0:bf:f5:46:35:0e:44:f7:2e:14:48:
89:13:12:f6:a8:57:27:66:20:ac:fe:71:24:52:3e:68:66:4c:
91:94:e5:bb:b5:83:be:df:43:5d:b6:23:50:91:d7:3b:be:a2:
62:ca:dc:ae:4d:94:63:78:7a:f9:d0:68:3b:bf:7a:5e:72:51:
7f:cf:a4:39:e2:a6:7a:c5:6e:0d:63:74:b3:4d:68:71:7f:2d:
aa:90:14:43:db:ac:df:2b:fc:b4:59:00:15:fa:da:85:51:16:
c9:be:84:a5:1e:b9:64:36:25:c8:89:7c:4e:37:eb:b8:f0:35:
4e:e6:d7:ba:09:23:0e:29:d8:7d:29:33:e5:00:7f:e6:92:9f:
d6:90:2c:86:4a:97:01:8f:88:72:55:73:ea:62:ef:ef:cf:5e:
c0:41:ae:3e:e3:e4:26:7e:f0:8f:40:be:31:9e:4f:3f:24:a6:
3c:0b:8b:09:a2:fc:7b:6a:fd:30:6b:1b:f5:ba:fe:15:cb:a4:
88:09:88:1e:98:e6:43:25:3c:61:48:0a:dc:5e:04:6b:40:09:
23:f8:30:a7:9d:de:28:d5:5b:7e:5c:cb:93:1b:45:9e:e7:07:
28:0c:da:49
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY1Ui0t38cSzwl5MnD41t03VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjQwMTI5MDkyNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmUwNmI5OGM0ZGU5ZjA4ZjI4ZjRmNzlhNTQ3M2E3OGFiNmE3ODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3b1WZYvpDbAtAynn85BA84DZX6Qg
fVlgRr5968Fmp69s3M9aq8AVMiwo6WeNfBKzUENl5QugRZ75iQ897QKEGUQKlHqy
fN9LU/cSKumPiGSMSLnoukKdZNmvUchE9krOl1HGDDnxf+9FG0ViITXarTm/Ueck
R/A61uZDwKqndGU8N/AvhiczlWJtNMN5wyZTu5as36J6Fs1x1RHvVLCKNCk8Bg3j
u7GXE/m3gX4O0Sr2aQkbDUpwea9AFRKf52ykMsPV7oY4Gp83Z4Bzn78LaIYXtw5+
HcZLV88l806NitGbDCsTc7WLNFNzp/HeKyJ+URbrpxyUxJd3iYw05l8KzwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDLga5jE3p8I8o9PeaVHOniranhWMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvTXVCcm1NVGVud2p5ajA5NXBVYzZlS3RxZUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALV0JAwQA
LZT0AwQATih0AwQAXbmnMA0GCSqGSIb3DQEBCwUAA4IBAQBDj01Q2csqCbwMwfEO
7aCbGkgBhiajtB+FoL/1RjUORPcuFEiJExL2qFcnZiCs/nEkUj5oZkyRlOW7tYO+
30NdtiNQkdc7vqJiytyuTZRjeHr50Gg7v3peclF/z6Q54qZ6xW4NY3SzTWhxfy2q
kBRD26zfK/y0WQAV+tqFURbJvoSlHrlkNiXIiXxON+u48DVO5te6CSMOKdh9KTPl
AH/mkp/WkCyGSpcBj4hyVXPqYu/vz17AQa4+4+QmfvCPQL4xnk8/JKY8C4sJovx7
av0waxv1uv4Vy6SICYgemOZDJTxhSArcXgRrQAkj+DCnnd4o1Vt+XMuTG0We5wco
DNpJ
-----END CERTIFICATE-----
Generated at Fri Feb 2 17:51:03 2024 by rpki-client on console-ams.rpki-client.org